Target Audience | Administrators of the Vulcan Platform |
About
The Remediation Work Form allows security cross-team users to view vulnerability instances and their details through the remediation ticket, and to submit an exception request for part or all of the instances. This feature aims to:
Improve and facilitate collaboration between security teams and external teams responsible for executing vulnerability fixes
Minimize friction and enhance the overall experience for users who may not be well-versed in Vulcan through a user-friendly interface
Simplify the interaction with the Vulcan Platform when submitting an Exception Request
The Remediation Work Form is a feature that allows Vulcan-oriented and those who may not be well-versed in Vulcan to perform the following actions easily and quickly:
View all vulnerability instances and their details in the remediation ticket.
Submit an exception request for part or all of the vulnerability instances.
How it works
Every ticket opened through the Vulcan Platform contains a content block named "Open Exception Request". This block includes a unique link allowing users, who receive the ticket information (in email or through the integrated ticketing system), to access the Remediation Work Form and the exception request form.
User flow overview
The user receives a Vulcan ticket or email containing a unique link to the Remediation Work Form. The link to the Remediation Work Form is sent as part of the email summary and is integral to the email.
The user clicks the link and authenticates as a Vulcan user.
The user reviews the ticket information and selects the vulnerabilities and assets for which they want to submit an exception request. They fill in the required details and submit the request.
An email notification is sent to the approvers (as defined by the admin) and the regular and known exception request approval flow is triggered.
(Optional) The user can edit the request and update it.
Access and Authentication
For users to access the Remediation Work Form, the user must authenticate as a Vulcan user and have the permission "Access to Remediation Work Form" enabled for their role.
Existing Vulcan users with existing role access permission to create exception requests and/or campaigns will automatically receive the "Access to Remediation Work Form" permission.
If the user isn't a Vulcan user and SSO isn't set for the Vulcan platform, you must create a user with the following Role Access permissions: "Access to Remediation Work Form".
If the organization uses Single Sign-On (SSO) to access the Vulcan Platform, make sure the users are assigned to Vulcan.
Then, once a user authentication through SSO, Vulcan will automatically provision a dedicated Remediation Collaborator role to the user with the following access permission only: "Access to Remediation Work Form"
Filling the Exception Request
Once the user is authenticated, they can select the vulnerabilities and assets they wish to include in the exception request.
The exception request has the following fields:
Type: The type of request you would like to open, e.g., "False positive" or "Risk Acknowledged". The available list of exception request types depends on the exception request types created by the admin.
Name: The name of the request.
Justification: The reasons why you are submitting the request.
Files: files attachment is available
Expiration: The requested expiration date. When the request expires, the vulnerability status changes to "Vulnerable" or "In Progress" again.
After filling in all the required fields, the user can Submit the request.
Editing the Exception Request
After submitting the exception request, users can edit it.
To edit an exception request, users can simply click again on the unique link in the Vulcan ticket or email they received to open the Remediation Work Form page.
Then, users can edit the Exception Request by selecting or unselecting vulnerabilities, and modifying fields like Type, Name, Justification, Files, and Expiration.
Once ready, they can click Update the Request to save changes.
Note: If the request requires approval, all approvals will be restarted once a request is edited.
Understanding Statuses
There are three statuses:
In Progress: The vulnerability must be remediated.
Risk Acknowledged: The vulnerability was approved within the exception request.
Archived: The related asset was archived.
FAQ
Is there a simple user guide for users reviewing vulnerability details and submitting an exception request through the link in the ticket?
Yes. There is a special user guide for this purpose:
Submitting Exception Requests through ticket - Remediation Work Form User Guide
What happens after the user submits an exception request through the Remediation Work Form?
Once the user submits the exception request (new or updated), the approval workflow is triggered and approvers receive the request by email.
Does the Remediation Work Form get updated with any vulnerability status change?
Yes. Every time the user clicks the Remediaiton work Form URL, it retrieves the current status of the vulnerabilities in the ticket from the Vulcan Platform.